SUMMARY

• 8 years of Experience and having multiple Certifications Cisco (CCNA&CCNP), in designing, architecting, deploying and troubleshooting Network & Security infrastructure on routers, switches (L2/L3) & firewalls of various vendor equipment.
• Certified Amazon Web Services (Cloud) engineer with 2 years of experience in Cloud computing, Infrastructure Solutions and services, Datacenter virtualization and Database Services.
• In - depth expertise in the analysis, implementation, troubleshooting & documentation of LAN/WAN architecture and good experience on IP services to meet network requirements in Enterprise and Data Center Network.
• Managing IT/Cloud projects.
• Design, configuration, and support of Cisco Nexus Platforms to include Nexus 2000 (FEX) /5000/7000).
• Experience with Network Automation using Python.
• Experience using Identity Authentication technologies, including Active Directory, LDAP, NTLM and RADIUS TACACS, Cisco ISE v2.1 and ACS.
• Worked extensively on Cisco ASA, Palo Alto, Checkpoint firewalls. Migrated rules from PIX to ASA firewalls
• Setup Security rules/ policies, NAT, site to site VPN, authentication systems, web/URL filtering, threat management, IPS using Palo Alto and Cisco ASA firewalls.
• Extensively worked on Juniper models EX-2200, EX-4200, EX-4500, MX-480, M Series and Juniper SRX firewalls, SRX210 and SRX240.
• Worked on Source Fire, Tipping Point IPS/IDS Systems, vulnerability assessment tools like Nessus, Qualys, and packet capture tools like wireshark, tcpdump.
• Performed Firewall Log monitoring using Splunk and Q Radar.
• Worked heavily on troubleshooting firewalls using packet-captures, syslog server logs, ASP drops etc.
• In-depth knowledge and hands-on experience on IP Addressing, Sub netting, VLSM and ARP, reverse &proxy ARP, Ping Concepts.
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP, Ether channel, STP, RSTP and MST.
• Performed complex Network installations, upgrades and patches following established guidelines under broad direction.
• Expert Level Knowledge about TCP/IP and OSI models. Performed advanced network tuning and troubleshooting.
• Experience in configuring HSRP and redistribution between routing protocols troubleshooting them. ..
• Worked on Load Balancers F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications.
• Worked on Wireless Controllers (WLC) and wireless access points (APs) to setup wireless network across the organization.
• Worked extensively with customers to troubleshoot firewalls, VPN and Wireless access points.
• Expert knowledge of cable connectors and replacement as RJ-11, RJ-45, V.35, RS-449.
• Excellent communication skills to interact with team members and support personnel and also can act as a mentor to less experienced personnel.
• Also, performed capacity planning and IP address allocation.
• Upgrading WAN link using PPP Multilink and by implementing Cisco WAAS
• In depth knowledge withNetworkMonitoring systems like solar winds, Whatsup gold, Zenoss and tools like IXIA,Spirent.

TECHNICAL SKILLS

Routers: Cisco 17XX, 18XX, 26XX, 28XX, 37XX, 38XX, 39XX &72XX series.

Switches: Cisco Nexus 7k, Nexus 5K, Nexus 2K, 3550, 3750, 45XX, 65XX series, Brocade

AWS Networking Services: Amazon VPC, Direct Connect, Elastic Load Balancing, Amazon Route53, security groups

Firewalls: Cisco ASA 5510, 5550, 5585, Juniper, Checkpoint, Palo Alto, Cisco PIX

Load Balancer: Cisco ACE, Net scalar 10k, 12k series, F5 (Big IP) LTM, GTM

WAN Optimization: Cisco WAAS, PPP Multilink

Routing: OSPF, EIGRP, BGP, RIP-2, PBR, Route Filtering, Redistribution, Summarization, Static Routing

Switching: VLAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing, layer2 Switching, layer 3 switching Multicast Operations, Ether channels, Transparent Bridging, VDC, vPC, OTV

LAN: Ethernet, Fast Ethernet, Gigabit Ethernet, FDDI, CDDI, Token Ring, ATM LAN Emulation

WAN: Leased lines 64k - 155Mb (PPP / HDLC), Channelized links (E1/T1/E3/T3), Fiber channels, Frame Relay, ISDN, Load Balancing, MPLS VPN.

Wireless Devices: Motorola Wing NX R0-WR, AP US Features &Services iOS and Features, HSRP, GLBP, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, DNS, TFTP and FTP Management

AAA Architecture: TACACS+, RADIUS, Cisco ACS, ISE

Monitoring systems: Zenoss, Solar Winds, Whatsup Gold

PROFESSIONAL EXPERIENCE

Confidential, Dallas, TX

Sr. Network Security Engineer

Environment: Cisco ASA, Palo Alto, Nexus 7K/5K/2K, Checkpoint, Cisco ISE, Source Fire, F5.

Responsibilities:

• Monitoring of Infrastructure with Nagios like Firewalls, Servers, Services, Network devices, applications, web portals etc
• Configuration and Administration of Palo Alto Networks Firewall to manage large scale Firewall deployments
• Palo Altodesign and installation of features like Application and URL filtering, Threat Prevention, Data Filtering.
• Configured and maintained IPSEC and SSL VPNs on Palo Alto Firewalls, Cisco ASA to facilitate respective communications. Migration of existing IPSEC VPN tunnels from Pre-Shared key to Certificate Authority for purpose of scaling.
• Configured checkpoint firewall according to client topology and checkpoints features such as Application & URL filtering, Identity Awareness, IPS etc.
• Was responsible for Checkpoint firewall upgrade from R7 with zero downtime.
• Performed firewall load testing.
• Worked extensively on Checkpoint firewalls for analyzing firewall change requests and implementing changes into existing firewall policies, maintaining security standards.
• Support for all migrations, upgrades, PCI and SOX audit requirements, and vulnerability assessments.
• Vulnerability assessments were done using Nessus, Metasploit, Languard, Nmap, web based Qualys scanner, on a monthly basis to help ensure that risks to the networkare mitigated in a timely manner
• Performed intrusion detection using IPS/IDS Systems and firewall Log monitoring using RSA Envision and Q Radar.
• Used packet analysis tools like WireShark, tcpdump and vendor proprietary packet captures and monitoring using Syslog servers.
• Maintained the security standards across the security devices as per the security policies. Failover DMZ zoning & configuring VLANs/Routing/NATing with the firewalls as per the design.
• Resolution of tickets fresh & pending
• Experience with moving data center from one location to another location, from Cisco 6500 based data center to both Cisco 6500 & Nexus based data center.
• Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 7010, 5000 series to provide a Flexible Access Solution for datacenter access architecture.
• Implemented and managed Cisco ISE on Secure Network server 3515.Created and managed Authentication, Posture, Guest and profiling policies in Cisco ISE.
• Configuration of ACLs in CiscoASA firewall for Internet Access requests for servers in LAN and DMZ.
• Hands-on experience of configuring ASAs into single and multiple contexts, transparent/routed mode, Failover, policy maps etc.
• Perform extensivetestingaround the upgrade, migration and configuration functionality of our software
• Implemented configuration scripts and necessary changes on switches & routers as per IBM.
• Experience with F5 load balancers - LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Configured and resolved various OSPF issues in an OSPF multi area environment.
• Act as first point of contact to diagnose an issue and drive it to closure.
• Troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF & BGP
• Experience in developing cloud strategies, roadmaps, architecting (hands-on) new cloud solutions end to end or enterprise level AWS/Azure migrations
• Migrated complex, multi-tier on - premise applications to AWS and picking the right AWS services for the application.
• Automated various network implementations and tasks using python scripting.

Confidential, Pittsburgh, PA

Network Engineer

Environment: MPLS, Nexus 5K/7K/2K, F5, Juniper SRX, ASR 9K, Cisco ASA

Responsibilities:

• Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks.
• Work on different networking concepts and routing protocols like BGP, EIGRP, OSPF and other LAN/WAN technologies. Implementing, Monitoring, Troubleshooting and Convergence in Frame-Mode MPLS inside the core.
• Automated network implementations and tasks and designed monitoring tools using python scripting
• Working with MPLS Designs from the PE to CE.
• Experience with designing and deployment of MPLS Traffic Engineering.
• Design and deployment of MPLS QOS, MPLS Multicasting per company standards.
• Proactively involved in upgrade, maintenance, monitoring and support for the PA500 Palo Alto devices.
• Install, Configure, and deploy Cisco Call Manager enterprise wide.
• Implementing and configuring F5 LTM's for VIP's and Virtual servers as per business needs.
• Experience in using both the TMSH and GUI. Worked on F5 iRules (F5's TCL scripting language) enabling customization of application load balancing solutions through the control and direct manipulation of the application traffic.
• Worked on SSL offloading and implementation of SSL certificate and Key, web acceleration, TCP optimization and application requirements like persistence profiles etc.
• Troubleshooting of the F5 load balancers using tcpdump, syslog servers etc.
• Implemented cluster and configuration of SRX-100 Juniper firewall. Worked on Cisco ASA 5580, Cisco PIX 535, Juniper NS5400, Juniper SRX550 series firewalls.
• Worked extensively in configuration and troubleshooting of Cisco ASA and PIX firewalls.
• Performed OSPF, BGP, DHCP Profile, HSRP, IPV6, Bundle Ethernet implementation on ASR 9Kredundant pair.
• Configuration 7609, 7606 with OSPF and 6505, 4500, 3550 switches with various VLANs.
• Technical Support of Cisco Nexus Switches and Cisco routers using different troubleshooting protocols.
• Manage Cisco routers and switches, including performing installations, upgrades, configurations and management.
• Experience with deploying Fabric Path using Nexus 7000 Devices and configuring FCOE using NX 5548.
• Experience with configuring OTV between the data centers as a layer 2 extension.
• Implement Cisco Secure Access Control Server(ACS) for TACACS+
• Configured Multiprotocol Label Switching (MPLS) VPN with Routing Information Protocol (RIP) on the customer’s Site.
• Installed controller and light weight access point coordination with JTAC.
• Performing onsite data center support including monitoring electrical power, switch alarms, network alerts and access logs.
• Implemented site to site VPN in Juniper SRX as per customer’s requirement.
• Exhaustive hands-on experience on Cisco, Juniper and network testing gears which include Ixia, breaking point. Testing includes multicast, BGP, IS-IS and OSPF.

Confidential

Network Support Engineer

Responsibilities:

• In-depth expertise in the implementation of analysis, optimization, troubleshooting and documentation of LAN/WAN networking systems.
• Planning and configuring the routing protocols such as OSPF, RIP, and Static Routing on the routers.
• WAN Infrastructure running OSPF & BGP as core routing protocol.
• Support various Routers like 2600/3600/7200 series routers.
• Tested authentication in OSPF and BGP.
• Performed and technically documented various test results on the lab tests conducted.
• Hands on Experience working with security issue like applying ACLs, configuring NAT and VPN on Cisco ASA and Palo Alto firewalls.
• Also worked on implementation of master and slave configuration in ASA based cluster.
• System level monitoring on Linux and Infoblox appliances to watch process and service statuses, like Performance Monitoring & Tuning - iostat, vmstat & netstat, nfsstat, etc.
• Perform network maintenance and system upgrades including service packs, patches and security configurations on network devices.
• Configured Firewall logging, DMZs& related security policies & monitoring.
• Installed and configured Cisco ASA 5500 series firewall and configured remote access IPSEC VPN on Cisco ASA 5500 series
• Responsible for Configuring SITE TO SITE VPN on VPN Concentrators series between Head office and Branch office
• Installation & configuration of Cisco VPN concentrator 3060 for VPN tunnel with Cisco VPN hardware &software client and PIX firewalls.
• Planning and configuring the entire IP addressing plan for the clients'network..
• Assist the certification team and perform configuration of LAN\WAN technologies such as Ethernet, Fast Ethernet, and Gigabit Ethernet.

Confidential

System / Network Engineer

Responsibilities:

• Troubleshooting of CISCO routers like ping, trace route and basic issues.
• Ensure connectivity and communication among networks, servers and clients inside and outside department.
• IOS upgrade for Cisco routers & switches.
• Configured and troubleshoot OSPF and EIGRP.
• Ensure reliability, stability and recoverable of specific server environments.
• WAN Infrastructure running OSPF & BGP as core routing protocol. Tested authentication in OSPF and BGP.
• Normally primary focus involves server hardware associated operating systems and general responsibilities, backup strategies.
• Install and upgrade operating system software configuration and optimize storage systems.
• Installed and configured Cisco ASA 5500 series firewall and configured remote access IPSEC VPN on Cisco ASA 5500 series.
• Planning and configuring the routing protocols such as OSPF, RIP, and Static Routing on the routers.
• Installation & configuration of Cisco VPN concentrator 3060 for VPN tunnel with Cisco VPN hardware & software client and PIX firewall.
• Developing and implementing policy to ensure the integrity, protection and availability to authorized persons of department data and hardware, software and other components which are required for processing data.
• Responsible for evaluating impact and performance on the network server.
• Managing L2 switches of Cisco, VLAN configuration and assigning ports to specific VLAN as per requirement.
• Monitor and tune network to ensure acceptable levels of performance.
• Responsible for Internal and external accounts and, managing LAN/WAN and checking for Security
• Evaluate application connectivity requirements.
• Worked on enterprise applications like Windows Server, Exchange, SQL, SharePoint, Microsoft Lync server etc.